Remember, encryption makes the internet a cozy bedside chat
...unless you're communicating with someone in the UK, who can
be compelled to hand over /their/ key (on pain of five years
in prison), and who is forbidden to tell you (or anyone else)
that using encryption to communicate with them is now
compromised (on pain of, you guessed it, five years in
prison). This is the way that ECHELON works: one of its
functions is to allow certain members of UKUSA to get around
domestic legislation banning surveillance of their own citizens.
There's no law forbidding them from using stuff intercepted,
and then passed on by, friendly governments.
The worldwide stampede to crush individuals' freedom and privacy
is the most depressing thing to happen since I was born four
decades back. Join the EFF, write to your governmental representatives,
and encrypt, encrypt, encrypt... secure your machines and networks
as well as you possibly can. Use IPSec. Use VPNs. Tunnel stuff through
ssh.
Feel free to hack into my home network. Its IP range is 192.168.0.1 - 192.168.0.13.
How wonderful, someone who still thinks NAT equals security!
I'm not going to spell it out to you, but I suggest you:
1. tighten up your firewall rules immediately. (You ARE running
a firewall, aren't you?) and
2. Start checking your IDS logs closely for the next few days.
(You ARE running an IDS, aren't you?)
OK, if you want further hints for your googling: firstly, look for `arp poisoning Dug Song MitM'. Then search the Bugtraq, and perhaps the sec-focus Pen-testing list archives, for info about how to own the OS/platform you're NATing with (ie if you're NATing thru Linux, I mean the Linux box.) Remember to check for known vulnerabilities in the services that show up when you nmap your external interface. Yeah, of course you're completely up to date with all current patches, but I bet that there was a window of vulnerability before you applied each one...
In general, boasting on Slashdot about how secure one's network is, is a BAD idea.
the kinds of attacks the government seems to fear, namely massive DOS attacks. Or is there something else a 'net terrorist' could do to 'disrupt the vital flow of information'?
The problem is that much of the 'vital information' in today's society flows over the public internet - by definition. Sure, take military command and control comms out of band - that makes perfect sense anyway, which is probably why there are several separate, highly secure military and governmental IP internetworks that are supposed to be completely separate from the public Net. (Although, as Bruce Schneier points out in the latest Cryptogram, ILoveYou made it onto the 'secure' network within 48 hours...)
I was just looking at a job ad in the paper - probably a bit ambitious for me, but why not give it a go? I thought. "Head of Web Services" for the UK Home Office; that'd look great on the CV, looks like a fun job too, and well paid. "For details, write to:..." it says. Ah, but look - there's an URL for the outsourced recruitment firm they've retained! I'll use that.
Check it out on their website: you couldn't make this up...
OT: business book recommendation... (on Good to Great; Score: 2, Informative)
I know this is off-topic & will be modd'd as such - but just wanted to spread the, uh, Good News according to Rageboy.
An excellent business book - the best book on the practice of Good Marketing I've ever read in fact - is
Gonzo Marketing: Winning through Worst Practices.
It's also very entertaining, and geek-friendly in terms of its approach to the topic and attitude towards mega-corp mass marketing. I'd say it was in tune with the general Slashdot consensus on such things, as well as managing to be thought provoking and highly stimulating. I haven't read anything that made me physically bounce up and down so much since, oooh, "Mastering Algorithms with Perl" ;)
Use a deckchair or recliner to avoid straining your neck. Without one you'll be in agony within 30 minutes.
If nothing much is happening when you first start looking, remember that it takes at least 30 minutes for your eyes to adapt to the darkness. Meteors tend to come in short bursts of activity, followed by a quieter patch, so give it an hour or two.
Don't expect the 4th of July! They're "just" ordinary shooting stars - it's just that the rates will be much much higher than normal. This also improves your chances of seeing 'bolides', aka fireballs - these are meteors that are so big that they disintegrate in a bright "terminal flash" - and persistent trains (smoke trails.)
Remember that you won't see much before local midnight, as the earth has to rotate so that your location is on the side of the planet moving forward in the direction of Earth's orbit.
If you are lucky enough to witness a major outburst, and you're an inexperienced amateur, don't worry about trying to calculate rates!
In general, face in whichever direction gives you the best field of view, EXCEPT directly at Leo (the constellation that gives the Leonids the name.) This is the RADIANT, ie the location that they will appear to radiate AWAY from.
Don't use binoculars or a telescope - they restrict your field of view, whereas the naked eye can cover ~40% of the sky simultaneously. (You often see them best in your peripheral vision anyway.)
Don't give up if it's a bit cloudy. Terminal flashes lighting up clouds from behind are truly spectacular, a Close Encounters of the 3rd Kind type sight!
If you enjoy the experience, get into amateur astronomy - it's a fantastic hobby!
Firstly, The Register ran a story covering much the same info in a much more entertaining way.
Secondly, we know how the deal was reached. Microsoft bought the law,
and the law won. "Don't you know there's a war on?" Someone seems
to think that MS are an American company, therefore their monopoly is
actually a GOOD thing because it means American software dominates
the world. WindowsXP is good for the economy; if you're running Linux
or BSD, the terrorists are already winning!
Thirdly, us Europeans are waiting with bated breath to see
what the EU do. As (again) The Reg points out,
there's none of this 'adjourning for a second hearing in the
consideration of whether to refer the case to another appeal'
nonsense over here. Let's hope that turns out to be good news
rather than bad news...
--
Carolyn Meinel, Scientific American: "Those computers ran Linux, which
meant that they could impersonate any other server on the Internet."
Is the United States still the best choice of a
place to live for safety, freedom, and quality of life?
(ObDisclaimer about hating to sound like flamebait or troll) but really, only an American could say such a thing about their own country (let alone about America!)
I think those of us in RoW are well aware of the corrupt & shallow US political culture, obsession with material success & status, barbaric policy of executing black people (and keeping many of the rest firmly repressed, whilst claiming to be the land of equality and fairness for all), highest proportion of population in jail, etc etc.
Let me add that the several Americans I've met personally IRL and (mostly) on the net have been mostly intelligent, nice, probably good people. By shee, you must all get pretty intense brainwashing.
Haven't read the other comments yet but I'm sure others will have mentioned this piece on the Other Place. Interesting and largely flamefree comment from a wide variety of opinions. Let's see what the people have posted here on /. ...
As always on the occasions when some tech story is big enough to make it into the mainstream media, we get to cringe at their awful attempts to explain things to the general public which they don't understand themselves. I woke up this morning to hear a BBC radio interviewer asking "so what are these source codes? are they like blueprints?"... discussion then proceeded to the topic of could the 'hackers' have planted "a virus or bug"[sic] in Windows? "Yes", said their expert, "and that could be included in every copy of Windows shipped from today!" ARRRRGGGHHHH.
Perhaps this is a UK-only phenomenon. Eventually the BBC etc might stop assuming that their audience thinks of computers as huge semi-sentient boxes with spinning tape drives and flashing lights that talk to their operators. Or that Microsoft are the best and only software source in the world. ("How could this happen to Microsoft of all companies?" asked the same interviewer.)
And the use of "hacker"...
/me goes up in a puff of unsmoke.
Well, I was fired by these people for, amongst other things 'continuing to use PERL [sic] and Apache in defiance of corporate standards.' Well, that was correct; I used them, and the standards were IIS / VB. Couple of employers down the line I'm quite enjoying using mod_perl to build sites which real people will (hopefully) actually use. Their corporate policy was wrong, it was stupid, and their refusal to even consider the arguments for doing anything differently was.... worse. They were NOT flexible, not remotely.
Ak, I haven't had my first coffee of the day, what am I posting to slashdot...
Scientific American did a fascinating and revolting article on the hagfish (aka: slime eels)... ever wonder what happens to whales when they die? The slime eel happens... ickkkk!!
Weirdly, the only thing that shows up when you search for 'hagfish' the results that showed up prominently featured the name "Carolyn Meinel". Odd, that.
Absolutely... when the Lameness list got a mention on The Register I got a load of new recommendations, almost all from embittered sysadmins and back-end hackers.
The fact is that much of our back-slapping and pride in having built the internet is - well, not delusional exactly, but let's face facts, we are NOT the ones making big money from the Web. In my company the PR and marketing people, and the strategic-level suits, are the ones making real money. Oh, of course, we're well paid by the standards of the 'normal' economy; but let's not kid ourselves that this is anything but the suits tossing us whatever relatively minor rewards it takes to keep us at the twelve-hour days.
Shameless plug: The Lameness List :
UK dotcoms, run by marketing types, designed and built in Photoshop, with Flash galore, "optimised
for IE", and all the other 'features' you love to hate...
Ha ha, only serious. Many places don't have laws against this sort of thing. Where I come from, 8 year olds were working down coalmines within the last 100 years. Countries dependent upon extractive industries for large chunks of their national income tend to be less fussy about these things...
ask yourself where the copper in your CAT 5 came from...
The reason for this is that they don't CARE if you or I or any weirdo geek Linux user doesn't accept a browser re-size, or has Javascript turned off, or are using a non-NS/IE browser. (I actually got bounced from a site last week "your browser doesn't appear to support Flash! Better upgrade to IE5" when using mozilla :) They don't care if they're not listed on a search engine. 99% of their audience are supposed to be pulled in by advertising, mostly posters (cheap!). Who goes to a search engine & searches for "buy clothes online" FFS? The theory is that once J.Random Normal-Person has scribbled the URL on their hand, and used the site once, they're hooked & will bookmark it and only use them in future.
I know it's lame, you know it's lame, but they just don't care.
Shameless plug: lame dotcoms only heard of through advertising on TV/posters in London, UK.
Anthropogenic climate change is the biggest and most frightening thing happening at present: in fact, it renders everything else the entire species has done insignificant. You worry about Napster, Microsoft, deCSS? fsck it. In the last century we drove more species extinct than at any time since 65 million years ago. And that doesn't even matter, because climate change is going to wipe out our 'civilisation' in the blink of an eye. Don't take my word for it - check the IPCC or some recent reports or even the neutered industry sops at the EPA. And what are we in the West - the people directly responsible for this catastrophe - doing? complaining about petrol prices...
Sometimes humanity makes me sick. We Europeans aren't much better than you Americans (we use half as much energy per head, which of course is still 10-100 times more than the 3rd World.) And the third world of course can't be held back: China and India and the Pacific Rim are /developing/ countries.
Sorry for the pessimistic rant. But seeing the jokey responses to this story fills me with despair.
I wonder whether idealab will sue Bainlab for the same reason? (hmmm, think I missed them off the lameness list... "a mistake I don't mean to dooplicate" - check Bainlab in mozilla... heh, they really 'get' this "web thing", ay!)
If you're not connected to the internet, how do you post to Slashdot? Mind control?
We now return you to the topic.
Clear skies, and good luck everyone!
> Rather than try to graft cryptography on top of
> the voting process, I would rather see human
> reforms.
How about preventing corporations from donating money to slush funds? Corruption is generally considered a Bad Thing.
How about some form of proportional representation, rather than this 18th century nightmare of an electoral college (FFS!) which you're stuck with?
<toc> <toc> <toc> These Americans are crazy.
Oh sure. Unix boxes never get cracked.
The article appears not to be online (boo!) but here's a summary: http://www.sciam.com/1998/1098issue/1098quicksummary.html
We now return you to your normal service
http://www.theregister.co.uk/content/1/13767.html
www.zpok.demon.co.uk/cuecat/
such wonderful entertainment value
Nope, I'm talking about my home systems.